From owner-freebsd-ipfw@FreeBSD.ORG  Tue Jan 20 13:45:22 2004
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2717A16A4CE
	for <freebsd-ipfw@freebsd.org>; Tue, 20 Jan 2004 13:45:22 -0800 (PST)
Received: from vulcan.g3host.net (vulcan.g3host.net [207.44.154.5])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 94A9143D1F
	for <freebsd-ipfw@freebsd.org>; Tue, 20 Jan 2004 13:45:14 -0800 (PST)
	(envelope-from lattera@nosleep.info)
Received: (from apache@localhost)
	by vulcan.g3host.net (8.11.6/8.11.6) id i0KLjEm23782;
	Tue, 20 Jan 2004 16:45:14 -0500
X-Authentication-Warning: vulcan.g3host.net: apache set sender to
	lattera@nosleep.info using -f
Received: from 204.113.120.202 (proxying for 204.113.113.135)
        (SquirrelMail authenticated user lattera@nosleep.info)
        by vulcan.g3host.net with HTTP;
        Wed, 21 Jan 2004 04:45:14 +0700 (GMT-7)
Message-ID: <1651.204.113.120.202.1074635114.squirrel@vulcan.g3host.net>
Date: Wed, 21 Jan 2004 04:45:14 +0700 (GMT-7)
From: "lattera" <lattera@nosleep.info>
To: freebsd-ipfw@freebsd.org
User-Agent: SquirrelMail/1.4.1-1.7.ct
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3
Importance: Normal
Subject: Re: divert sockets code
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jan 2004 21:45:22 -0000

Correction:
 	if (bind(sockfd, (struct sockaddr *)&server, sizeof(server)) < 0) {
 		perror("bind");
 		exit(1);
 	}	exit(1);


should read:

 	if (bind(sockfd, (struct sockaddr *)&server, sizeof(server)) < 0) {
 		perror("bind");
 		exit(1);
 	}

> I can't seem to get pointers right in my code:
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
> #include <unistd.h>
>
> #define USE_BSD
> #include <sys/types.h>
> #include <sys/socket.h>
> #include <netinet/in.h>
>
> #include <netinet/tcp.h>
> #include <netinet/in_systm.h>
> #include <netinet/ip.h>
>
> #define PORT 6137
>
> int main(int argc, char *argv[])
> {
> 	int sockfd, n, clisize, ipsize, tcpsize, i;
> 	struct sockaddr_in server, client;
> 	char buf[65536], *payload;
> 	struct tcphdr *tcp;
> 	struct ip *iphdr;
>
> 	if ((sockfd = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT)) < 0)
> 	{
> 		perror("socket");
> 		exit(1);
> 	}
> 	server.sin_family = PF_INET;
> 	server.sin_port = htons(PORT);
> 	server.sin_addr.s_addr = INADDR_ANY;
> 	if (bind(sockfd, (struct sockaddr *)&server, sizeof(server)) < 0) {
> 		perror("bind");
> 		exit(1);
> 	}	exit(1);
>
> 	while (1)
> 	{
> 		clisize = sizeof(client);
> 		if ((n=recvfrom(sockfd, buf, sizeof(buf), 0, (struct sockaddr *)&client,
> &clisize))<0)
> 		{
> 			perror("recv");
> 			exit(1);
> 		}
> 		iphdr = (struct ip *)buf;
> 		if (iphdr->ip_p != IPPROTO_TCP)
> 		{
> 			if (sendto(sockfd, buf, n, 0, (struct sockaddr *)&client, clisize) !=
> n)
> 			{
> 				perror("send");
> 				exit(1);
> 			}
> 		}
> 		tcp = (struct tcphdr *)(buf + (4*(iphdr->ip_hl)));
> 		if (!(tcp->th_flags & TH_PUSH))
> 		{
> 			if (sendto(sockfd, buf, n, 0, (struct sockaddr *)&client, clisize) !=
> n)
> 			{
> 				perror("send");
> 				exit(1);
> 			}
> 			continue;
> 		}
>
> 		payload = (char *)(tcp + ((tcp->th_off)*4));
> 		if (strstr(payload, "GET /etc/passwd"))
> 			continue;
>
> 		if (sendto(sockfd, buf, n, 0, (struct sockaddr *)&client, clisize) !=
n) {
> 			perror("send");
> 			exit(1);
> 		}
> 	}
> }
>
> Can someone tell me what I need to do?
>
> Attached is the C source file of the above code (for readability)
>
>
> --
> "So crucify the go before it's far too late to leave behind this place
so negative and blind and cynical and you will come to find that we are
all one mind capable of all that's imagined and all conceivable." --
Tool - Reflection
> http://lattera.nosleep.info
> http://www.sf.net/projects/hidprox_______________________________________________
freebsd-ipfw@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
>


-- 
"So crucify the go before it's far too late to leave behind this place so
negative and blind and cynical and you will come to find that we are all
one mind capable of all that's imagined and all conceivable." -- Tool -
Reflection
http://lattera.nosleep.info
http://www.sf.net/projects/hidprox